Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:vibriefing.news
I ran this command: Webmin (Let's encrypt)
It produced this output:DST Root CA X3 - Valid from 9/30/2000 to 9/30/2021
My web server is (include version):https://(N/A)
The operating system my web server runs on is (include version):linux
My hosting provider, if applicable, is: GCP
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):webmin SSL configuration
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I am using the GUI from webmin
How can I renew it with a different DST Root CA number. As you can see the certificate renews for 3 months but it is strangely assigned to an expired Let's encrypt certificate.
Having similar issues with winacme (wacs.exe) & wincertes.
My web server: IIS 7
Operating System: Windows Server 2019 Standard
I can log into a root shell on my machine: yes
Control Panel: none
version of my client: winacme 2.1.18; wincertes 1.4.3
This is just Windows doing random things, disregard that.
This is the correct chain. This server is sending everything correctly.
The expiring DST Root CA X3 is intentional. This certificate by IdenTrust is pretty much end of life. That's why ISRG Root X1 - a (new) root by Let's Encrypt - is in the chain, so validators can use that. DST Root CA X3 is still included for older Android compatibility.
Thanks for the clarification and details. rg305 and Nummer378! I was concern it is was something not intentional and our SSL will crash. After this date, when enrolling the DST will not be reported in the chain trust. I do see my certificates are in a healthy state. Thank you!